Certificato di qualità Giacomo Lanzi

Quality certificate for the SOCaaS of SOD

Estimated reading time: 7 minutes

cybersecurity award 2021

The technology we use to deliver our SOCaaS has been awarded a quality certificate . Today we want to talk about this, explaining again what a SOC is and why a SOCaaS is an ideal solution for companies.

Of course, we will also explain what it is about when we talk about the quality certificate and how this ensures excellent service for our customers.

Differences between SOC and SOCaaS

A SOC, acronym for Security Operation Center , is a central command hub that acquires data from an IT infrastructure and analyzes it. Ideally, all devices that are part of the infrastructure are part of the data collection. This means, in the business environment, that every device connected to the network or that connects to the network by accrediting itself, should be included in the data collection.

A SOC is a physical place, with hardware tools, where a team of IT technicians manage the data flow and analyze it using the available tools. This means maintenance, installation and employee maintenance costs.

A more flexible variant is represented by SOCaaS, ie Security Operation Center as a Service . It is a model based on services provided by an external supplier that delocalizes the tasks of a SOC. With the increasingly important evolution and diffusion of the cloud, we have come to a situation in which SOCaaS is the main driver. Thanks to cloud technologies, in fact, data collection and network information, as well as logs, can be reached via the network.

To simplify: a SOCaaS is a SOC, which however is provided as a service; in practice, the brain of the SOC is connected to the infrastructure to be monitored and not internal to the company. The costs of implementation, maintenance and management are greatly reduced.

Thanks to SOCaaS and automation and analysis tools, the environment you want to control is constantly monitored and threats and anomalies are detected in real time.

SOD and quality certificate

Threats on the net have evolved over time to become extremely sophisticated. They target targets that fail to recognize them in a timely manner , resulting in damage that can be data loss or even the ransom note .

SOCaaS, as mentioned, simply allows you to save time and resources by replacing the staff to be employed in the search for the various malware that are always lurking.

We are pleased to say that the technologies we adopt in SOCaaS have been awarded a quality certificate and are positioned in the magic quadrant of Gartner. Among the resources available in our SOCaaS, we mention SDL , SIEM and UEBA .

SIEM collects all events and information to be managed, enriching the data in the SDL so that they are easily analyzed. UEBA’s user behavior analysis is invaluable when a social engineering attack arises.

Artificial intelligence offers an important help to our SOCaaS as it analyzes threats and possible risks. Furthermore, the constant presence of an available team ensures security against all ransomware attacks.

The quality certificate that our technology has received occupies a place of Leader in the Gartner’s Magic Quadrant . Gartner is an institution that has established who the most important IT vendors on the market since 1979.

Quality certificate equals excellence

It is essential these days to have a good valuation when you are in a certain market sector. For example, on eCommerce sites it is common to find user reviews before making a purchase. However, no one really guarantees that the reviews are genuine. Similarly, technologies available on the net are not always as beneficial as they appear. The Gartner Magic Quadrant takes care of that.

Gartner analyzes the players in the market for a service using qualitative analysis . Check the maturity, the participants and the market trends. The competition focuses on four aspects displayed in a graphical table, the so-called magic quadrant .

The quadrant is divided into categories: Visionaries, Challengers, Niche Players and Leaders. Most interest is directed towards the Leader position which represents the top for execution and completeness. Our technology is found right in the Leaders quadrant.

The Magic Quadrant offers almost immediate understanding of the most trusted providers on the market .

Obviously, there are various strategies to rely on when choosing a service or technology, and relying on Leaders is not always the best idea. What is good today may not be suitable in the future.

The alternatives could materialize in the market Challengers who move with speed or in the niche players who can guarantee a more precise and accurate service than a Leader.

Business objectives, in general, are the guide to follow and depend on your company but to be almost foolproof it is always better to ask for help from specialized companies able to provide advice and suggestions.

Quality certificate

The magic quadrant of Gartner

As mentioned earlier, the Magic Quadrant is read using four parameters that need careful viewing. Below is a generic magic dial, while by clicking here you can see the list of all the magic dials divided by topic.

generic magic quadrant

Leader

The supplier in the leading position has the credibility, market share and sales skills necessary for the distribution and acceptance of new technologies. Is able to understand the customer needs and always keeps an eye on innovation.

Sometimes he designs elaborate plans that he makes available to clients. In this way the infrastructures and strategies are efficient and feasible. From a financial point of view, it enjoys the stability and support of the platform, also thanks to the geographical coverage. This watch face can be defined as the real certificate of quality by looking at the magic dials.

Challenger

The greatest threat to the Leader is undoubtedly represented by the Opponent or Challenger. It works well and has a credible market position. The extreme faith in projects that can continually grow over time makes him capable of developing strong products.

While they are not as well established as the Leaders financially, they still remain stable and solid.

Visionary

The Visionary is perfect for all the novelties that could revolutionize the market. Such a supplier guarantees product innovation and is able to address operational and financial problems on a large scale.

One of the big flaws, however, is the instability due to unsustainable profitability and the ability to acquire market shares . Over time an investment can prove to be profitable or not but it basically depends on some signals that need to be interpreted.

The Visionary is often a private company or acquisition objectives by the more consolidated or large company because the possible risk probability of installing on their systems is lower in the event of an acquisition.

Niche operators or actors

The verticalization of the market or the focus on specific areas concerns all niche players. This supplier can be a large company but it is struggling to achieve the goal it has set or it is the one that adapts its product in order to enter a particular market.

In conclusion

Following your vision and establishing yourself online is never easy because it is not uncommon to encounter problems of various kinds, from a lack of resources to the difficulty of standing out on the market.

The technology we use for our SOCaaS has revolutionized the market and earned a place alongside the leaders in the Gartner Magic Quadrant. We are very happy with this milestone, which means better service for our customers, greater safety and in general the excellence we have always aimed for.

If you want to know how our services can help your business, do not hesitate to contact us, we will be happy to answer any questions.

Link utili:

Share


RSS

More Articles…

Categories …

Tags

RSS Dark Reading

RSS Full Disclosure

  • Disclosing Vulnerability of CLink Office 2.0 May 23, 2022
    Posted by chan chan on May 23Dear Sir/Madam, I would like to submit a vulnerability found on CLink Office 2.0. I had contacted the vendor 60 days before but in vain. # Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console # Date: 30 Mar 2022 # Exploit Author: […]
  • [tool] tplink backup decryptor. May 23, 2022
    Posted by retset on May 23Yet another "tool" to decrypt a backup configs for some tplink wifi routers. Only tested on latest fw for "Archer C7". I hope that it will be useful for someone. https://github.com/ret5et/tplink_backup_decrypt_2022.bin
  • SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP® Application Server, ABAP and ABAP® Platform (Different Software Components) May 18, 2022
    Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 18SEC Consult Vulnerability Lab Security Advisory < 20220518-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: SAP® Application Server ABAP and ABAP® Platform (Different Software Components) vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security notes...
  • PHPIPAM 1.4.4 - CVE-2021-46426 May 18, 2022
    Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-03/2022 ]========================== PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents ]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability […]
  • LiquidFiles - 3.4.15 - Stored XSS - CVE-2021-30140 May 18, 2022
    Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-12/2021 ]========================== LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability...
  • Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! May 18, 2022
    Posted by malvuln on May 18Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! https://www.youtube.com/watch?v=eg3l8a_HSSU
  • github.com/malvuln/RansomDLLs / Catalog of current DLLs affecting vulnerable Ransomware strains. May 18, 2022
    Posted by malvuln on May 18Reference list for my Ransomware exploitation research. Lists current DLLs I have seen to date that some ransomware search for, which I have used successfully to hijack and intercept vulnerable strains executing arbitrary code pre-encryption. https://github.com/malvuln/RansomDLLs
  • APPLE-SA-2022-05-16-2 macOS Monterey 12.4 May 17, 2022
    Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-2 macOS Monterey 12.4 macOS Monterey 12.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213257. AMD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed […]
  • APPLE-SA-2022-05-16-6 tvOS 15.5 May 17, 2022
    Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-6 tvOS 15.5 tvOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213254. AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel […]
  • APPLE-SA-2022-05-16-5 watchOS 8.6 May 17, 2022
    Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-5 watchOS 8.6 watchOS 8.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213253. AppleAVD Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free […]

Customers

Newsletter